| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors. |
| The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. |
| Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. |
| Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. |
| Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option. |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. |
| Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument. |
| Teardrop IP denial of service. |
| Delete or create a file via rpc.statd, due to invalid information. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| Sun's ftpd daemon can be subjected to a denial of service. |
| The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. |
| Buffer overflows in Sun libnsl allow root access. |
| Vacation program allows command execution by remote users through a sendmail command. |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
